CERTA-2003-AVI-142

Vulnerability from certfr_avis - Published: - Updated:

A flaw in the SNTP client built into Netgear routers causes a denial of service against certain public NTP servers.

Description

Netgear routers use SNTP (Simple Network Time Protocol) to synchronise with public NTP servers. The UDP datagrams they send characteristically use source port 23457. The SNTP client's polling rate is too high (one request per second until a response is obtained), which causes a denial of service for public NTP servers as well as unnecessary traffic on the network.
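Added example (not part of the advisory or of Netgear's fix): one way an NTP server operator could pick out affected clients from request logs, using the two traits described above (source port 23457, roughly one request per second). The log line format, the thresholds `min_run` and `max_gap`, and the sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

NETGEAR_SRC_PORT = 23457   # source port named in the advisory
NTP_PORT = 123             # standard NTP/SNTP server port

def parse(line):
    """Parse one constructed log line: '<epoch> <src_ip> <src_port> <dst_port>'."""
    ts, src, sport, dport = line.split()
    return float(ts), src, int(sport), int(dport)

def find_flooding_clients(lines, min_run=5, max_gap=1.5):
    """Return {src_ip: longest_run} for clients that send NTP requests from
    port 23457 in a run of at least min_run packets spaced <= max_gap seconds.
    min_run and max_gap are assumed thresholds, not values from the advisory."""
    times = defaultdict(list)
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, sport, dport = parse(line)
        if sport == NETGEAR_SRC_PORT and dport == NTP_PORT:
            times[src].append(ts)
    flagged = {}
    for src, stamps in times.items():
        stamps.sort()
        longest = run = 1
        for prev, cur in zip(stamps, stamps[1:]):
            # Extend the run while requests keep arriving about once a second.
            run = run + 1 if cur - prev <= max_gap else 1
            longest = max(longest, run)
        if longest >= min_run:
            flagged[src] = longest
    return flagged

# Constructed sample: 192.0.2.10 retries every second, 192.0.2.20 polls every
# 64 s from an ordinary source port, 192.0.2.30 uses port 23457 but polls slowly.
SAMPLE = (
    [f"{1000 + i} 192.0.2.10 23457 123" for i in range(8)]
    + [f"{1000 + 64 * i} 192.0.2.20 123 123" for i in range(3)]
    + [f"{1000 + 64 * i} 192.0.2.30 23457 123" for i in range(3)]
)

if __name__ == "__main__":
    for ip, run in find_flooding_clients(SAMPLE).items():
        print(f"{ip}: {run} requests at ~1/s from source port {NETGEAR_SRC_PORT}")
```

Requiring both the source port and the sustained one-second cadence keeps a slow-polling client that happens to use port 23457 from being flagged.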

Solution

Apply the Netgear fix:

http://kbserver.netgear.com/kb_web_files/n101176.asp

Netgear routers RP614, RP614v2, DG814, MR814 and HR314.

Impacted products
Vendor Product Description
References
University of Wisconsin technical report None vendor-advisory
Netgear advisory None vendor-advisory


{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eRouteurs Netgear RP614, RP614v2, DG814, MR814 et HR314.\u003c/P\u003e",
  "content": "## Description\n\nLes routeurs Netgear font appel au protocole SNTP (Simple Network Time\nProtocol) afin de se synchroniser avec des serveurs NTP publics. Les\ndatagrammes UDP ainsi \u00e9mis ont pour caract\u00e9ristique d\u0027utiliser le port\nsource 23457. La cadence d\u0027interrogation du client SNTP est trop \u00e9lev\u00e9e\n(une requ\u00eate par seconde jusqu\u0027\u00e0 obtention d\u0027une r\u00e9ponse), ce qui\nentra\u00eene un d\u00e9ni de service pour les serveurs NTP publics ainsi que du\ntrafic inutile sur le r\u00e9seau.\n\n## Solution\n\nAppliquer le correctif de Netgear :\n\n    http://kbserver.netgear.com/kb_web_files/n101176.asp\n",
  "cves": [],
  "links": [],
  "reference": "CERTA-2003-AVI-142",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2003-08-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Participation \u00e0 un d\u00e9ni de service"
    }
  ],
  "summary": "Un d\u00e9faut dans le client SNTP int\u00e9gr\u00e9 aux routeurs Netgear est \u00e0 la\nsource d\u0027un d\u00e9ni de service \u00e0 l\u0027encontre de certains serveurs NTP\npublics.\n",
  "title": "D\u00e9faut du client SNTP des routeurs Netgear",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Rapport technique de l\u0027universit\u00e9 du Wisconsin",
      "url": null
    },
    {
      "published_at": null,
      "title": "Avis de Netgear",
      "url": "http://kbserver.netgear.com/kb_web_files/n101176.asp"
    }
  ]
}

